Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. An information handling system comprising: a hardware processor; a directory service application comprising a program of instructions embodied in non-transitory, computer-readable media accessible to the hardware processor, the directory service application configured to: enumerate a plurality of management controller categories for management controllers configured to provide out-of-band management of a plurality of information handling systems communicatively coupled to one another via a network, wherein the management controller categories specify different types of management controllers, and wherein at least one of the plurality of management controller categories includes a plurality of the management controllers; and create a directory service device object for each of the plurality of management controller categories; wherein the directory service application is configured not to create directory service device objects for individual ones of the management controllers.
This invention relates to networked information handling systems and addresses the challenge of managing multiple management controllers in a scalable and organized manner. Management controllers provide out-of-band management for information handling systems, allowing remote administration and monitoring. The invention introduces a directory service application that categorizes these management controllers into distinct groups based on their types, rather than treating each controller as an isolated entity. The application enumerates multiple management controller categories, where each category represents a different type of management controller, and at least one category contains multiple controllers. For each category, the application creates a single directory service device object, representing the entire group rather than individual controllers. This approach simplifies the management of large-scale deployments by reducing the number of directory objects, minimizing administrative overhead, and improving system organization. The solution avoids creating separate directory objects for each management controller, streamlining the management process while maintaining the ability to group and manage controllers by their functional or operational characteristics. This method enhances scalability and efficiency in networked environments with diverse management controller types.
2. The information handling system of claim 1 , the directory service application further configured to: enumerate a plurality of support groups each having access to the management controller categories; associate each of the plurality of support groups to the management controller categories to which they each have access; for each association of support group to category, set a privilege level defining a level of access privilege by the support group to each management controller category to which it has access; and create association objects for the directory service device objects based on enumeration of the support groups, categories, and the privilege levels in order to create a minimal set of association objects.
This invention relates to information handling systems and specifically to a directory service application that manages access control for management controllers. The problem addressed is the need for efficient and scalable management of support groups and their access privileges to different management controller categories within an information handling system. Traditional systems often require extensive manual configuration or lack granularity in access control, leading to inefficiencies or security risks. The directory service application enumerates multiple support groups, each having access to specific management controller categories. It associates each support group with the categories they can access and sets a privilege level for each association, defining the extent of access. The application then creates association objects based on the enumerated support groups, categories, and privilege levels. These association objects are structured to form a minimal set, reducing redundancy and improving system efficiency. The minimal set ensures that only necessary associations are maintained, optimizing performance and simplifying administration. This approach enhances security by precisely defining access rights and streamlines management by automating the association process. The system dynamically adjusts access privileges as needed, ensuring consistent and controlled access to management controller functions.
3. The information handling system of claim 1 , wherein the management controllers comprise at least one host management controller.
The invention relates to information handling systems, specifically those with multiple management controllers for enhanced system management and security. The system includes a plurality of management controllers, at least one of which is a host management controller, designed to manage and secure the information handling system. The host management controller is responsible for overseeing system operations, including hardware and software management, while ensuring secure communication and data integrity. The system may also include additional management controllers that work in conjunction with the host management controller to distribute management tasks, improve redundancy, and enhance security. These controllers may handle specific functions such as firmware updates, system diagnostics, or access control, ensuring comprehensive system oversight. The invention addresses the need for robust, scalable, and secure management in information handling systems, particularly in environments where reliability and security are critical. The use of multiple management controllers, including a dedicated host management controller, allows for efficient task distribution, fault tolerance, and improved system resilience. The system may also include mechanisms for secure communication between controllers, ensuring that management operations are conducted without compromising system integrity. This approach enhances overall system performance, security, and reliability, making it suitable for enterprise and high-availability applications.
4. The information handling system of claim 1 , wherein the management controllers comprise at least one chassis management controller.
An information handling system includes multiple management controllers that monitor and control hardware components within the system. The management controllers are configured to detect hardware failures, manage power distribution, and perform diagnostic operations to ensure system reliability. At least one of these management controllers is a chassis management controller, which specifically oversees the physical enclosure or chassis housing the system's hardware. The chassis management controller monitors environmental conditions such as temperature, humidity, and power supply status, and can initiate corrective actions like shutting down non-critical components or alerting administrators if thresholds are exceeded. This ensures the system operates within safe parameters, preventing damage to hardware and maintaining uptime. The management controllers also communicate with each other to coordinate system-wide operations, such as power sequencing during boot-up or shutdown. The inclusion of a chassis management controller enhances the system's ability to manage and protect its physical infrastructure, improving overall reliability and performance.
5. A method comprising: enumerating a plurality of management controller categories for management controllers configured to provide out-of-band management of a plurality of information handling systems communicatively coupled to one another via a network, wherein the management controller categories specify different types of management controllers, and wherein at least one of the plurality of management controller categories includes a plurality of the management controllers; creating a directory service device object for each of the plurality of management controller categories; and not creating directory service device objects for individual ones of the management controllers.
This invention relates to network management systems for information handling systems, specifically addressing the challenge of efficiently organizing and managing multiple management controllers in a networked environment. Management controllers provide out-of-band management capabilities for information handling systems, allowing remote administration and monitoring. The problem arises when managing numerous management controllers, as traditional approaches require individual directory service device objects for each controller, leading to administrative complexity and resource overhead. The invention solves this by categorizing management controllers into distinct groups based on their types, where each category can include multiple controllers. A directory service device object is created for each category rather than for each individual controller. This reduces the number of directory service objects needed, simplifying management and improving scalability. The method involves enumerating the management controller categories, creating a directory service device object for each category, and intentionally avoiding the creation of individual directory service objects for the controllers themselves. This approach streamlines the management process, reduces administrative burden, and optimizes resource usage in large-scale networked environments.
6. The method of claim 5 , further comprising: enumerating a plurality of support groups each having access to the management controller categories; associating each of the plurality of support groups to the management controller categories to which they each have access; for each association of support group to category, setting a privilege level defining a level of access privilege by the support group to each management controller category to which it has access; and creating association objects for the directory service device objects based on enumeration of the support groups, categories, and the privilege levels in order to create a minimal set of association objects.
This invention relates to access control management in computing systems, specifically for managing support groups' access to management controller categories within a directory service. The problem addressed is the need to efficiently organize and control access privileges for different support groups to various management controller categories, ensuring minimal administrative overhead while maintaining security. The method involves enumerating multiple support groups, each granted access to specific management controller categories. Each support group is associated with the categories they can access, and for each association, a privilege level is set to define the extent of access. The privilege levels determine the operations each support group can perform within the assigned categories, such as read-only, modify, or full control. To streamline administration, the method creates association objects in the directory service based on the enumerated support groups, categories, and privilege levels. These association objects represent the minimal set required to enforce the defined access rules, reducing redundancy and simplifying management. The approach ensures that only necessary associations are created, optimizing system performance and reducing the complexity of access control configurations. This method is particularly useful in large-scale environments where multiple support groups need differentiated access to management controllers.
7. The method of claim 5 , wherein the management controllers comprise at least one host management controller.
A system and method for managing computing resources in a distributed environment addresses the challenge of efficiently coordinating and optimizing resource allocation across multiple controllers. The invention involves a network of management controllers that oversee the distribution and utilization of computing resources, such as processing power, memory, and storage, within a distributed computing system. These controllers dynamically adjust resource allocation based on real-time demand, system performance metrics, and predefined policies to ensure optimal efficiency and reliability. The management controllers include at least one host management controller, which serves as a central coordinator for resource management tasks. This host management controller may handle high-level decision-making, such as load balancing, fault detection, and resource prioritization, while other controllers may focus on specific subsystems or tasks. The system ensures seamless communication between controllers to maintain consistency and avoid conflicts in resource allocation. By integrating these controllers, the invention provides a scalable and adaptive solution for managing complex computing environments, improving overall system performance and resource utilization.
8. The method of claim 5 , wherein the management controllers comprise at least one chassis management controller.
A system and method for managing computing infrastructure involves a distributed architecture with multiple management controllers responsible for monitoring and controlling hardware components. The management controllers are configured to communicate with each other and with external systems to ensure proper operation, fault detection, and recovery. At least one of these controllers is a chassis management controller, which specifically oversees the hardware components within a computing chassis. This includes monitoring power supply, temperature, fan speed, and other environmental conditions, as well as managing firmware updates and hardware diagnostics. The chassis management controller may also interface with other management controllers to coordinate system-wide operations, such as load balancing, failover, and maintenance tasks. The system is designed to improve reliability and reduce downtime by providing centralized control and real-time monitoring of hardware resources. The architecture allows for scalability, enabling the addition of more management controllers as the infrastructure grows. This approach is particularly useful in data centers and high-availability computing environments where continuous monitoring and automated management are critical.
9. An article of manufacture comprising: a non-transitory computer readable medium; and computer-executable instructions carried on the computer readable medium, the instructions readable by a processor, the instructions, when read and executed, for causing the processor to: enumerate a plurality of management controller categories for management controllers configured to provide out-of-band management of a plurality of information handling systems communicatively coupled to one another via a network, wherein the management controller categories specify different types of management controllers, and wherein at least one of the plurality of management controller categories includes a plurality of the management controllers; create a directory service device object for each of the plurality of management controller categories; and not creating directory service device objects for individual ones of the management controllers.
This invention relates to out-of-band management of information handling systems in a networked environment. The problem addressed is the complexity and inefficiency of managing multiple management controllers, which are devices that provide remote, out-of-band control and monitoring of information handling systems (e.g., servers, computers) over a network. Traditional approaches require creating individual directory service device objects for each management controller, leading to excessive administrative overhead and scalability issues. The invention provides a solution by categorizing management controllers into distinct groups based on their types or functionalities. Each category is represented by a single directory service device object, rather than creating separate objects for each individual management controller. This reduces the number of objects in the directory service, simplifying management and improving scalability. The system first enumerates the management controllers into predefined categories, where at least one category contains multiple controllers. It then creates a directory service device object for each category, but not for individual controllers. This approach streamlines the management process, reduces administrative burden, and enhances system efficiency by consolidating management operations at the category level. The invention is implemented via computer-executable instructions stored on a non-transitory computer-readable medium, which, when executed by a processor, perform the described operations.
10. The article of claim 9 , the instructions for further causing the processor to: enumerate a plurality of support groups each having access to the management controller categories; associate each of the plurality of support groups to the management controller categories to which they each have access; for each association of support group to category, set a privilege level defining a level of access privilege by the support group to each management controller category to which it has access; and create association objects for the directory service device objects based on enumeration of the support groups, categories, and the privilege levels in order to create a minimal set of association objects.
This invention relates to a system for managing access control in a computing environment, specifically for organizing and restricting access to management controller categories by different support groups. The problem addressed is the need for a structured and efficient way to manage permissions across multiple support groups, ensuring that each group has appropriate access levels to different management controller categories while minimizing administrative overhead. The system involves a processor executing instructions to enumerate multiple support groups, each of which has access to certain management controller categories. Each support group is associated with the specific categories they can access, and for each association, a privilege level is set to define the extent of access (e.g., read-only, read-write, administrative). The system then creates association objects in a directory service, mapping these support groups, categories, and privilege levels to form a minimal set of association objects. This approach reduces redundancy and simplifies permission management by consolidating access rules into a streamlined structure. The directory service device objects are updated based on these associations, ensuring that access control policies are consistently enforced across the system. The solution improves scalability and maintainability by automating the generation of access control objects while ensuring granular control over permissions.
11. The article of claim 9 , wherein the management controllers comprise at least one host management controller.
A system for managing data storage in a distributed computing environment addresses the challenge of efficiently coordinating storage operations across multiple nodes. The system includes a plurality of management controllers that oversee data storage and retrieval processes. These controllers are responsible for handling requests from host systems, managing data distribution, and ensuring data integrity. At least one of the management controllers functions as a host management controller, specifically dedicated to interfacing with host systems to receive and process storage requests. The host management controller translates these requests into commands for other management controllers, which then execute the necessary storage operations. This hierarchical structure improves scalability and reliability by distributing the workload and providing a centralized point for host interactions. The system also supports redundancy and failover mechanisms to maintain continuous operation in case of controller failures. The overall architecture enhances performance and fault tolerance in large-scale storage environments.
12. The article of claim 9 , wherein the management controllers comprise at least one chassis management controller.
A system for managing computing resources in a data center environment addresses the challenge of efficiently monitoring and controlling distributed hardware components. The system includes multiple management controllers that oversee the operation of computing devices, such as servers, storage systems, or networking equipment. These controllers collect performance data, detect hardware failures, and enforce power management policies. At least one of these controllers is a chassis management controller, which specifically manages a chassis housing multiple computing devices. The chassis management controller monitors the physical state of the chassis, including temperature, power consumption, and hardware status, and coordinates actions like cooling adjustments or power cycling to maintain optimal operation. The system may also include additional controllers, such as rack-level or facility-wide controllers, to provide hierarchical management across different scales. By integrating these controllers, the system ensures centralized oversight while allowing localized control for specific hardware components, improving reliability and operational efficiency in large-scale computing environments.
Unknown
August 27, 2019
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.